Blumira sensors connect your environment to the Blumira platform so that we can collect logs and detect threats in your network.
Before you begin
Before you can add a sensor in the Blumira app, you must do the following:
- Build the sensor on an Ubuntu server or virtual machine (VM) that meets the minimum requirements.
Reference: For more information about minimum requirements and installation instructions, see Building a Blumira sensor on Ubuntu.
- Run update processes on the server (i.e., 'sudo apt-get update && sudo apt-get upgrade'), and then reboot it.
To add a sensor in the Blumira app:
- Log in to Blumira.
- Navigate to Settings.
- Verify that the location where you want to add a sensor does exists. If it does not exist yet, click Add New Location, and then add its information.
- In the Settings menu, click Sensors.
- Click Add New Sensor.
- Type a unique name for the sensor (excluding spaces) in the Name box.
- Type any notes or descriptors that are helpful to know about this sensor in the Description box. For example:
- If you do not want all administrators in your Blumira account to receive a sensor installation email, then select the check box next to Email sensor installation link only to me.
Important: Some email security settings can cause the emailed link to break. Step 12 provides instruction on where to find the installation instructions in the app.
- From the Location menu, select the location that you verified or added above.
- Click Install.
- After the page refreshes on its own (do not refresh it manually), the sensor appears.
Tip: The circle next to the sensor's name indicates its status and transitions from red to green after it connects to Blumira. It is normal to not see logging devices.
- On the sensor's detail page, under Installation Instructions, copy the provided script and paste it into a Linux terminal to run the script.
- When the install script successfully completes, a docker container appears on your host, which contains the sensor stack. After five to 10 minutes, refresh the Sensor page. The details of the host appear and the sensor's status is green.